Gesture-based signature authentication

ABSTRACT

Embodiments of the invention are generally directed to systems, methods, devices, and machine-readable mediums for implementing gesture-based signature authentication. In one embodiment, a method may involve recording a first gesture-based signature and storing the recorded first gesture-based signature. Then the method compares the first gesture-based signature with a second gesture-based signature. Then the method verifies the first gesture-based signature as authentic when the first gesture-based signature is substantially similar to the second gesture-based signature.

TECHNICAL FIELD

Embodiments of the invention generally relate to the field of integratedcircuits and, more particularly, to systems, methods, devices, andmachine-readable mediums for gesture-based signature authentication.

BACKGROUND

There are a number of software applications that require authentication.For example, many e-commerce, home banking, and network accessapplications need authentication to provide the user a level ofsecurity. In most cases the need for authentication is addressed byrequiring the user to enter a text-based password or passphrase.Text-based passwords, and especially passphrases, are more difficult toinput when using a small mobile devices. The use of passwords andpassphrases are restricted to the availability of suitable keyboards.Additionally, text-based passwords and passphrases can be easilycompromised when a malicious user determines the correct password orpassphrase.

BRIEF DESCRIPTION OF THE DRAWINGS

Embodiments of the invention are illustrated by way of example, and notby way of limitation, in the figures of the accompanying drawings inwhich like reference numerals refer to similar elements.

FIG. 1 illustrates several examples of motion gestures that may beutilized as gesture-based signatures.

FIG. 2 illustrates an embodiment of the glyph capture buffer, audiocapture buffer, and 3D movement buffer in memory.

FIG. 3 is a flow diagram of an embodiment of a gesture-based signatureregistration phase.

FIG. 4 is a flow diagram of an embodiment of a process to authenticate agesture-based signature.

FIG. 5 illustrates an embodiment of a computing device that implements agesture-based authentication process.

DETAILED DESCRIPTION

Embodiments are generally directed to systems, methods, and apparatusesfor implementing gesture-based signature authentication.

In many embodiments, a process to use a combination of gesturesincluding glyphs entered in a touch screen (which may include singletouch or multi-touch capable touch screens), sounds captured by amicrophone, and movements registered by motion sensors may be used inplace of a standard text-based password for use with a mobile computingdevice. The term “gesture” will be applied to any user enteredcombination of glyphs, movements and sounds that the user enters intothe mobile computing device through input devices. A gesture-basedsignature can be verified as performed by the authentic user (i.e.,authenticated) through a series of calculations. Once the gesture-basedsignature has been authenticated, the gesture-based signature can besubstituted for a correct text-based password that is then input into apassword field to gain access to a software application or website.Logic to perform gesture identification, comparison, and verificationprocesses may be present within the mobile computing device. Thisprocess does not require significant changes to application or websiteinfrastructure.

FIG. 1 illustrates several examples of motion gestures that may beutilized as gesture-based signatures.

Each of the samples involves a user holding the mobile computing deviceA and making a series of movements in three-dimensional space. In orderfor these movements to be recognized, mobile device A needs anintegrated motion sensor device (e.g., an accelerometer).

A coordinate space reference at the top of the page illustrates thepositive X, Y, and Z directions in three-dimensional space. Based onthat reference, we now turn to gesture sample signature A 100, whichshows the mobile device A first moving in the positive Z direction, thenthe negative Z direction, then a clockwise circle, and finally, thenegative X direction. This description is rudimentary for ease ofexplanation. In a real example, a user's hand is generally not going toonly travel back and forth along an axis in three-dimensional space.

Rather, in a true example of motion capture in three-dimensional space,a buffer will be created to store X, Y, Z coordinate triplets in 3Dspace. The coordinate triplets will be stored at the end of a timeinterval since the previous coordinate triplet was acquired. Forexample, mobile device A may store a coordinate triplet of the currentlocation of the mobile device A in 3D space every 0.001 seconds. Thiswould create a histogram in 3D space of the location of the mobiledevice at a 0.001 second granularity. In other embodiments, the intervalgranularity may be shorter or longer.

In many embodiments, a user presses a button on the mobile device tobegin capture of the signature. Once the button is pressed, the 3Dcoordinates at the current location of the device may be zeroed out as arelative reference point. Then the coordinate capture begins uponpressing the button and the coordinate triplets are continuously storeduntil a button is pressed again by the user to indicate that thegesture-based signature is complete.

Gesture sample signature B 102 utilizes mobile device B, which includesa touch screen display. The touch screen display may be utilized tocapture a glyph. In some embodiments, a user may use their hand as theinput instrument on the touch screen. In other embodiments, the user mayuse a pen or other pointing device as the input instrument on the touchscreen. In different embodiments the glyph may be any combination ofmovements captured by the touch screen. The combination of movements mayresemble a collection of letters or symbols. Although, any combinationof movements is acceptable so even seemingly random movements that donot resemble letters or symbols may be captured as the glyph, such as ahandwritten signature.

Glyph capture may resemble the 3D space motion capture where a buffermay be created that stores X, Y coordinate doubles. These X, Ycoordinate doubles may then be saved into the buffer once every timeinterval, which creates a time-based memory of how the glyph was createdon the touch screen.

Furthermore, the mobile devices each include a microphone (e.g., theaudio receiver in a cell phone). A word or phrase may be spoken into themicrophone and saved as an audio frequency pattern over time in a bufferin the mobile device.

Returning to gesture sample signature B 102, the user may enter a glyphon the touch screen and then speak a word (e.g., “football”) into themicrophone on the mobile device as a combination of a glyph and audiogesture-based signature. Gesture sample signature C 104 illustrates agesture-based signature utilizing all three types of input methods. Forexample, the user may enter a glyph on the touch screen, then speak aphrase into the microphone on the mobile device (e.g., “Umbrella”), andthen move the mobile device in 3D space.

In many embodiments, two or more types of gestures may be simultaneouslyentered as a more advanced requirement for the gesture-based signature.For example, in gesture sample signature C 104, the user might firstenter the glyph, but then speak the phrase and move the device in 3Dspace simultaneously. In many embodiments, a user may press a startgesture capture sequence button on the mobile device indicating thestart of the sequence. At the start of the gesture capture sequence theglyph capture buffer, audio capture buffer, and 3D movement buffer areeach initialized. Then the three buffers are utilized simultaneously tocapture all three types of gestures (i.e., glyph, voice, and 3Dmovement) throughout the entire length of the gesture capture sequence.The gesture capture sequence ends as soon as an end capture sequencebutton is pressed on the mobile device.

FIG. 2 illustrates an embodiment of the glyph capture buffer, audiocapture buffer, and 3D movement buffer in memory.

In many embodiments, memory 200 includes each of a glyph capture buffer202, an audio capture buffer 204, and 3D movement buffer 206. Thesebuffers are initialized at the start of a gesture capture sequence. Inmany embodiments, these buffers line up by acquisition times, as shownby the time column to the left of the buffers. For example, if Time 0represents the start of a gesture capture period and there are n captureintervals, then Time 0+n intervals is the end of the gesture captureperiod. Each time interval has a saved amount of glyph data (X,Ycoordinates), audio data (instantaneous frequency map of the audiblespectrum as captured by the microphone), and 3D location data (X,Y,Zcoordinates) in the respective buffers.

Once the capture period has completed, the buffers may be saved to agesture-based signature file and stored in a storage location. In manyembodiments, the storage location of the gesture-based signature filemay be secured through the use of hardware or software-based securitymeasures (e.g., signed public and private security keys, hashalgorithms, hardware measurement techniques, etc.). In otherembodiments, storage location may be a remote server using a securechannel, for connected comparison and use of the signature.

In order to harden the password, several variables are taken intoaccount, including the timing and the way in which a glyph is drawn onthe screen, the time speed at which a phrase is spoken in relation tothe drawing of the glyph, the frequency of the user voice, etc. Bytaking all these points of data into account, even if the spoken phraseand the handwritten signature are compromised, it remains difficult toforge the gesture-based signature. Using a basic example of utilizingtime as a factor in the comparison of two gesture-based signatures, arelative temporal (i.e., time) element may be introduced for the entirecapture period length. In other words, the length of time it takes tofully record two separate attempts at the same gesture-based signaturemay need to be within a predetermined maximum discrepancy of time whencomparing the two signatures. So if a first signature very nearlyduplicates the coordinates of a second signature, but the firstsignature takes twice as long to complete, this may cause comparisonlogic to result with a “no match.”

There are two general phases associated with gesture-based signatureauthentication. The first phase is the registration phase, which dealswith generating a new gesture and safely storing it into the mobiledevice. The new gesture may require a training period where the userbecomes familiar with the gesture and can substantially repeat thegesture combination desired as the password. Once the user has becomeconfident that he or she can successfully repeatedly enter the fullgesture without a substantial chance of having gesture comparison logicreject the gesture due to discrepancies, the gesture signature file maythen be stored for future use.

In many embodiments, gesture identification and comparison logic withinthe mobile device will have the user enter the gesture-based signatureseveral times and average out the coordinate, audio, and time datastored in the buffers during each capture period. Additionally, thevariability of the user's ability to recreate the gesture-basedsignature may cause a maximum discrepancy threshold to increase ordecrease. The maximum discrepancy threshold may be a discrepancy pertime interval between the averaged coordinate and audio data and themost recently captured coordinate and audio data. For example, if theobserved glyph coordinate data between several capture period trainingattempts varies widely, the gesture comparison and verification logicmay allow a greater variability in the X,Y glyph data when determiningthe authenticity of the signature most recently recorded and a storedversion of the signature.

Glyph and 3D movement gestures are represented by a finite list of oneor more (for multi-touch devices) coordinates and their correspondingacquisition times. This makes a handwritten glyph-based and/or 3Dmovement-based signature harder to forge, since time-based coordinateinformation is stored, which reveals the way the signature is drawn onthe touch screen or in the air, as well as the speed at which eachstroke is usually performed.

In many embodiments, the gesture-based signature file is stored as alist of tuples of the form (input device, input value, acquisitiontime), for example ((touch screen); (8,33); 0).

Each registered gesture-based signature may be associated with a givenapplication or website. Therefore, additional information is requestedfrom the user, including the site/application, username, and text-basedpassword if the user already possesses such password. If the user doesnot already possess such a password, then the text-based password can beautomatically generated in this phase. This text-based passwordinformation is stored in a safe storage location.

FIG. 3 is a flow diagram of an embodiment of a gesture-based signatureregistration phase.

The process is performed by processing logic, which may comprisehardware (e.g., circuitry), software (e.g., an operating system orapplication), firmware (e.g., microcode), or any combination of two ormore of the listed types of processing logic.

The process begins with a user starting the signature registrationprocessing logic to register a gesture-based signature (processing block300). Next, a user enters a gesture-based signature into the processinglogic (processing block 302). In many embodiments, block 302 isperformed several times until the entry has been sufficiently learned bythe processing logic, including the variability levels of each type ofgesture the user makes for the signature being registered.

Processing logic then determines if a username exists for user at theapplication or website that the user wants to implement a gesture-basedsignature for (processing block 304). If the username exists, thenprocessing logic associates the gesture-based signature to thewebsite/application, the username, and the password. The ASCII-based(i.e., text-based) password will correspond to the gesture-basedsignature. For example, if a user wants to log in to a website thatrequires a username and password, processing logic first associates avalid text-based username and password for the user to gain access tothe website. Once the valid text-based username and password have beendiscovered, processing logic may associate this information with aparticular gesture-based signature file. Processing logic then storesthe gesture-based signature in a secure storage location (processingblock 308).

Returning to block 304, if the username does not exist for theapplication or website, then processing logic generates an ASCII-basedpassword from the signature (processing block 310) and then associatesthe gesture-based signature to the website/application and username(processing block 312). Finally, processing logic then stores thegesture-based signature in a secure storage location (processing block308).

The authentication phase deals with the moment when the signature isbeing compared with the registered one for authentication purposes.Specifically, the process to authenticate a user proceeds as follows. Anapplication or website requires the user to enter his/her username andpassword. The application/website developer uses a provided API(application programming interface) that will launch a graphicalinterface asking the user to enter a gesture-based signature.

The user then enters a gesture-based signature. The gesture-basedsignature entered by the user is then compared to the registeredsignature for that site/application. Since no two signatures from thesame user are likely to be identical, algorithms that take into accountvariability, as mentioned above, may be used to compare the registeredgesture-based signature with the newly entered gesture-based signature.Signatures that are compared would be required to be substantiallysimilar in regard to time, coordinates, and voice frequencies. Just howsimilar would be signature specific, considering the variability persignature may differ depending on how well a user can repeat thesignature during initial training capture periods. In some embodiments,a process described as Dynamic Type Warping may be utilized. DynamicType Warping performs point-to-point correspondence for data at eachacquisition time. A smart selection of acquisition points may then becompared.

In some embodiments, the gesture-based signature comparison processinglogic may be offloaded to a backend server coupled to a network that themobile computing device is also coupled to. In many embodiments thatutilize a backend server for comparison of the two signatures, theregistered signature may be stored at the backend server.

Once the newly-entered gesture-based signature is matched to aregistered signature, the associated text-based password is returned tothe external application/website, which then permits the user to log in.

FIG. 4 is a flow diagram of an embodiment of a process to authenticate agesture-based signature.

The process is performed by processing logic, which may comprisehardware (e.g., circuitry), software (e.g., an operating system orapplication), firmware (e.g., microcode), or any combination of two ormore of the listed types of processing logic.

The process begins by processing logic in the application or web browsercalling gesture-based signature comparison logic through the providedAPI (processing block 400). Then the user enters the gesture-basedsignature (processing block 402). Processing logic then compares thegesture-based signature that has been newly entered by the user with anexisting registered signature in storage (processing block 404).

Processing logic then determines if the signatures match (processingblock 406). If the signatures do not match, then the signature entry hasfailed and the process returns to block 402 to re-enter thegesture-based signature. Otherwise, if the signatures do result in amatch, then processing logic returns the stored ASCII-based password tothe application/browser for use (processing block 408) and the processis finished.

FIG. 5 illustrates an embodiment of a computing device that implements agesture-based authentication process.

Computer system 500 is shown. The computer system in FIG. 5 generallycomprises a system on a chip (SoC) layout. The SoC layout may beutilized in any type of computer system but is useful for small formfactor mobile computing devices, such as cellular phones, smart phones,and personal digital assistants (PDAs).

The computer system 500 includes a central processing unit (CPU) 502. Ina SoC layout, it is common to have a single CPU, though in otherembodiments that are not shown, one or more additional CPUs are alsolocated in computer system 500.

CPU 502 may be Intel® Corporation CPU or a CPU of another brand. CPU 502includes one or more cores. In the embodiment shown, CPU 502 includesCore A (504), Core B (506), Core C (508), and Core D (510). Only onecore is needed for operation of the computer system, but additionalcores can distribute workloads and potentially increase overall systemperformance. In many embodiments, each core (such as core A (504))includes internal functional blocks such as one or more execution units,retirement units, a set of general purpose and specific registers, etc.If the cores shown in FIG. 5 are multi-threaded or hyper-threaded, theneach hardware thread may be considered as a core as well.

CPU 502 may also include one or more caches, such as last level cache(LLC) 512. In many embodiments that are not shown, additional cachesother than cache 512 are implemented where multiple levels of cacheexist between the execution units in each core and memory. In differentembodiments cache 512 may be apportioned in different ways. Cache 512may be one of many different sizes in different embodiments. Forexample, cache 512 may be an 8 megabyte (MB) cache, a 16 MB cache, etc.Additionally, in different embodiments the cache may be a direct mappedcache, a fully associative cache, a multi-way set-associative cache, ora cache with another type of mapping. The cache may include one largeportion shared among all cores or may be divided into several separatelyfunctional slices (e.g., one slice for each core). Each cache may alsoinclude one portion shared among all cores and several other portionsthat are separate functional slices per core.

In many embodiments, CPU 502 includes a system memory controller 514 toprovide an interface to communicate with system memory 516. Systemmemory 516 may comprise dynamic random access memory (DRAM), such as atype of double data rate (DDR) DRAM, non-volatile memory such as flashmemory, phase change memory (PCM), or another type of memory technology.System memory 516 may be a general purpose memory to store data andinstructions to be operated upon by CPU 502. Additionally, there may beother potential devices within computer system 500 that have thecapability to read and write to the system memories, such as a directmemory access (DMA)-capable I/O (input/output) device. The link (i.e.,bus, interconnect, etc.) that couples CPU 502 with system memory 516 mayinclude one or more optical, metal, or other wires (i.e. lines) that arecapable of transporting data, address, control, and clock information.

CPU 502 also may include an integrated graphics subsystem 518, that iscapable of computing pixel, vertex, and geometry data to be displayed ondisplay device 520. CPU 502 additionally may include a communicationsubsystem 522 that provides an I/O interface to communicate withexternal devices. The communication subsystem 522 may include both wired524 and wireless 526 interfaces. The wired interface 524 may be anEthernet compatible interface, in some embodiments. The wirelessinterface 526 (through one or more antenna components for transmittingand receiving) may be compatible for wireless communications throughseveral protocols. For example, the communication subsystem 522 wirelessinterface 526 may communicate through an IEEE 802.11-based protocol, aBluetooth protocol, a cellular protocol, a WiMAX protocol, and/or one ormore other wireless protocols.

CPU 502 also includes a storage controller 528 to provide an interfaceto a mass storage device 530. Mass storage device 530 may be a hard diskdrive, a solid state drive, or another form of mass storage.Additionally, CPU 502 also is capable of communicating to I/O devices,such as I/O device 532 and I/O device 534 through I/O adapters 536 and538, respectively. The I/O adapters each may allow the CPU 502 tocommunicate with one or more I/O devices through a certain protocol. Forexample, one I/O adapter may be a Universal Serial Bus (USB) adapter toallow for plug in communication through USB ports between the CPU 502and other external USB interfaces.

An input interface 540 allows the computer system 500 to be coupled toinput devices such as a touchscreen 542 or microphone 544. Additionally,a motion sensor unit 546 is located on the system, which tracks themovement of computer system 500 in 3-dimensional space.

In many other embodiments that are not shown, the computing system maybe implemented in a different way, such as in a standard CPU/chipsetconfiguration instead of as a SoC design.

In many embodiments, gesture-based signature identification, comparison,and verification logic may be present in any one of the followinglocations. When at least a portion of the logic is implemented insoftware, the logic may be present in system memory 516 (logic 600),mass storage 530 (logic 602), cache 512 (logic 604), or potentially inany core (not shown). When at least a portion of the logic isimplemented in hardware, the logic may be present in the generalcircuitry (uncore) of the CPU 502 outside of the cores (logic 606).

Elements of embodiments of the present invention may also be provided asa machine-readable medium for storing the machine-executableinstructions. The machine-readable medium may include, but is notlimited to, flash memory, optical disks, compact disks-read only memory(CD-ROM), digital versatile/video disks (DVD) ROM, random access memory(RAM), erasable programmable read-only memory (EPROM), electricallyerasable programmable read-only memory (EEPROM), magnetic or opticalcards, propagation media or other type of machine-readable mediasuitable for storing electronic instructions. For example, embodimentsof the invention may be downloaded as a computer program which may betransferred from a remote computer (e.g., a server) to a requestingcomputer (e.g., a client) by way of data signals embodied in a carrierwave or other propagation medium via a communication link (e.g., a modemor network connection).

In the description above, certain terminology is used to describeembodiments of the invention. For example, the term “logic” isrepresentative of hardware, firmware, software (or any combinationthereof) to perform one or more functions. For instance, examples of“hardware” include, but are not limited to, an integrated circuit, afinite state machine, or even combinatorial logic. The integratedcircuit may take the form of a processor such as a microprocessor, anapplication specific integrated circuit, a digital signal processor, amicro-controller, or the like.

It should be appreciated that reference throughout this specification to“one embodiment” or “an embodiment” means that a particular feature,structure or characteristic described in connection with the embodimentis included in at least one embodiment of the present invention.Therefore, it is emphasized and should be appreciated that two or morereferences to “an embodiment” or “one embodiment” or “an alternativeembodiment” in various portions of this specification are notnecessarily all referring to the same embodiment. Furthermore, theparticular features, structures or characteristics may be combined assuitable in one or more embodiments of the invention.

Similarly, it should be appreciated that in the foregoing description ofembodiments of the invention, various features are sometimes groupedtogether in a single embodiment, figure, or description thereof for thepurpose of streamlining the disclosure aiding in the understanding ofone or more of the various inventive aspects. This method of disclosure,however, is not to be interpreted as reflecting an intention that theclaimed subject matter requires more features than are expressly recitedin each claim. Rather, as the following claims reflect, inventiveaspects lie in less than all features of a single foregoing disclosedembodiment. Thus, the claims following the detailed description arehereby expressly incorporated into this detailed description.

1. A method, comprising: recording a first gesture-based signature;storing the recorded first gesture-based signature into a first storagelocation; comparing the first gesture-based signature with a secondgesture-based signature already stored in a second storage location; andverifying the first gesture-based signature as authentic when the firstgesture-based signature is substantially similar to the secondgesture-based signature.
 2. The method of claim 1, further comprising:registering the second gesture-based signature prior to recording thefirst gesture-based signature, wherein the registering comprisesrecording the second gesture-based signature a plurality of times;calculating an acceptable variability range of the second gesture-basedsignature; and storing a version of the second gesture-based signaturein the second storage location in response to the version at leastfalling with in the calculated variability range.
 3. The method of claim1, further comprising: associating a text-based password with the secondgesture-based signature; and providing the text-based password inresponse to a password request when the first gesture-based signaturehas been verified as authentic.
 4. The method of claim 1, wherein theverifying includes a relative temporal element that at least requiresthe first gesture-based signature to be recorded in a first period oftime, the first period of time being within a predetermined maximumdiscrepancy of time in comparison to a second period of time, the secondperiod of time comprising the amount of time to record the secondgesture-based signature.
 5. The method of claim 4, wherein the verifyingfurther includes comparing data recorded at a plurality of intervals oftime associated with the first gesture-based signature withcorresponding data recorded at the plurality of intervals of timeassociated with the second gesture-based signature.
 6. The method ofclaim 1, wherein the first gesture-based signature includes at least oneof a touch-screen glyph, a spoken phrase, and a movement inthree-dimensional space.
 7. A machine-readable medium having storedthereon instructions, which if executed by a machine causes the machineto perform a method comprising: recording a first gesture-basedsignature; storing the recorded first gesture-based signature into afirst storage location; comparing the first gesture-based signature witha second gesture-based signature already stored in a second storagelocation; and verifying the first gesture-based signature as authenticwhen the first gesture-based signature is substantially similar to thesecond gesture-based signature.
 8. The machine-readable medium of claim7, wherein the performed method further comprises: registering thesecond gesture-based signature prior to recording the firstgesture-based signature, wherein the registering comprises recording thesecond gesture-based signature a plurality of times; calculating anacceptable variability range of the second gesture-based signature; andstoring a version of the second gesture-based signature in the secondstorage location in response to the version at least falling with in thecalculated variability range.
 9. The machine-readable medium of claim 7,wherein the performed method further comprises: associating a text-basedpassword with the second gesture-based signature; and providing thetext-based password in response to a password request when the firstgesture-based signature has been verified as authentic.
 10. Themachine-readable medium of claim 7, wherein the verifying includes arelative temporal element that at least requires the first gesture-basedsignature to be recorded in a first period of time, the first period oftime being within a predetermined maximum discrepancy of time incomparison to a second period of time, the second period of timecomprising the amount of time to record the second gesture-basedsignature.
 11. The machine-readable medium of claim 10, wherein theverifying further includes comparing data recorded at a plurality ofintervals of time associated with the first gesture-based signature withcorresponding data recorded at the plurality of intervals of timeassociated with the second gesture-based signature.
 12. Themachine-readable medium of claim 7, wherein the first gesture-basedsignature includes at least one of a touch-screen glyph, a spokenphrase, and a movement in three-dimensional space.
 13. A device,comprising logic to: record a first gesture-based signature; store therecorded first gesture-based signature into a first storage location;compare the first gesture-based signature with a second gesture-basedsignature already stored in a second storage location; and verify thefirst gesture-based signature as authentic when the first gesture-basedsignature is substantially similar to the second gesture-basedsignature.
 14. The device of claim 13, further comprising logic to:register the second gesture-based signature prior to recording the firstgesture-based signature, the logic being further operable to record thesecond gesture-based signature a plurality of times; calculate anacceptable variability range of the second gesture-based signature; andstore a version of the second gesture-based signature in the secondstorage location in response to the version at least falling with in thecalculated variability range.
 15. The device of claim 13, furthercomprising logic to: associate a text-based password with the secondgesture-based signature; and provide the text-based password in responseto a password request when the first gesture-based signature has beenverified as authentic.
 16. The device of claim 13, wherein the logic isfurther operable to utilize a relative temporal verification elementthat at least requires the first gesture-based signature to be recordedin a first period of time, the first period of time being within apredetermined maximum discrepancy of time in comparison to a secondperiod of time, the second period of time comprising the amount of timeto record the second gesture-based signature.
 17. The device of claim16, wherein the logic is further operable to compare data recorded at aplurality of intervals of time associated with the first gesture-basedsignature with corresponding data recorded at the plurality of intervalsof time associated with the second gesture-based signature.
 18. Thedevice of claim 13, wherein the first gesture-based signature includesat least one of a touch-screen glyph, a spoken phrase, and a movement inthree-dimensional space.
 19. A system, comprising: a processor; a motionsensor; a dynamic random access memory coupled to the processor, thedynamic random access memory to store a set of instructions, which ifexecuted by the processor causes the processor to perform a methodcomprising: recording a first gesture-based signature; storing therecorded first gesture-based signature into a first storage location;comparing the first gesture-based signature with a second gesture-basedsignature already stored in a second storage location; and verifying thefirst gesture-based signature as authentic when the first gesture-basedsignature is substantially similar to the second gesture-basedsignature.
 20. The system of claim 19, wherein the performed methodfurther comprises: registering the second gesture-based signature priorto recording the first gesture-based signature, wherein the registeringcomprises recording the second gesture-based signature a plurality oftimes; calculating an acceptable variability range of the secondgesture-based signature; and storing a version of the secondgesture-based signature in the second storage location in response tothe version at least falling with in the calculated variability range.21. The system of claim 19, wherein the performed method furthercomprises: associating a text-based password with the secondgesture-based signature; and providing the text-based password inresponse to a password request when the first gesture-based signaturehas been verified as authentic.
 22. The system of claim 19, wherein theverifying includes a relative temporal element that at least requiresthe first gesture-based signature to be recorded in a first period oftime, the first period of time being within a predetermined maximumdiscrepancy of time in comparison to a second period of time, the secondperiod of time comprising the amount of time to record the secondgesture-based signature.
 23. The system of claim 22, wherein theverifying further includes comparing data recorded at a plurality ofintervals of time associated with the first gesture-based signature withcorresponding data recorded at the plurality of intervals of timeassociated with the second gesture-based signature.
 24. The system ofclaim 19, wherein the first gesture-based signature includes at leastone of a touch-screen glyph, a spoken phrase, and a movement inthree-dimensional space.